Archives

Those of us in the fields of computer engineering and computer science find ourselves in the middle of an oxymoron. We are at the intersection where enrollments in our disciplines are dropping while at the same time the need for creative minds to solve pressing security problems is on the rise. Our institution, a well-known land grant with robust programs in computer security and information assurance at the undergraduate and graduate levels, recognized the need to encourage more Millennials to study in an information technology-related area and has started a program to try to entice students to enter our chosen professions.

The RAAF’s imperative is to train members of its No 462squadron in the appropriate disciplines required for the squadron to meet its charter. As a result No 462 Squadron and the Queensland University of Technology, in Brisbane, Queensland, Australia have developed a prototype training and education program designed to meet the Squadrons charter in a cooperative effort between a defense establishment and a public academic institution. This paper discusses the experience gained in the development and delivery of a formally recognized Australian tertiary qualification in information assurance designed to meet No 462 Squadron’s Information and Communications Technology (ICT) and Information Assurance education and training requirements.

Walsh College included a capstone course into their Information Assurance graduate (MSIA) program. The IA capstone course is modeled after the MSBIT/MSIS capstone course developed by Dr. W. Don Gottwald. The capstone course was designed to be integrative, broadly focused, and demanding on the student. To complete the capstone course, the student needs to demonstrate their knowledge of project management techniques and a mastery of the skills taught across their program.

Threats of cyber-warfare attacks (and counter attacks) by countries with the largest economies in the world, massive losses of financial and personal data on millions of Americans to cybercrime, and the potential to disrupt Americas critical infrastructures, should be on the minds of all Americans. Why? Because those who design, build, operate and defend the computer systems and networks that our economy relies upon are our fellow citizens. But where will these professionals acquire the skills in Computer Network Operations necessary to secure our future?

The Internet is unquestionably the most extensive and accessible resource for information and commerce in history. But it is also providing a medium for new forms of crime, espionage, and even terror, targeting organizations and individuals alike. Broad awareness of vulnerabilities and defenses is needed to protect against all types of cyber attacks. While online learning environments provide a great opportunity to train large numbers of people, they have yet to demonstrate effectiveness in high-stakes situations. In an effort to better prepare cyberspace defenders, we are developing a multidisciplinary training program that encompasses topics from computer science, management information systems, and legal and ethical studies, using state-of-the-art online learning methods and technology.

This article briefly explains the motive, purpose, feasibility and vision of creating an introductory information assurance course serving not only students seeking to become INFOSEC professionals, but which also reaches out to students from such diverse academic areas as Accounting, Business Administration, Education, and Criminal Justice to provide fundamental knowledge and skills. This course has been successfully mapped to meet 100% of the requirements of National Security Telecommunications and Information Systems Security (NSTISS) standards 4011 and 4013E.

Visualization plays a major role in understanding and interpreting security requirements. Security visualization means different things to different people. Some consider it as viewing the state of the environment and system. The purpose of this paper is to review some of the current methods used in security visualization.

Combining theoretical instruction with meaningful hands-on exercises is often challenging due to the lack of resources such as laboratory facilities and equipment. To overcome this problem, the use of a simulation/virtualization technology such as the OPNET simulation tool can be considered. In this paper, we discuss how one can use the OPNET simulation tool to effectively teach IP encryption and decryption concepts such as ones found in IP Security (IPSec).

This paper describes the results of applying formal security models to Cyber-Physical systems work in a classroom setting. The structure of the course required that each student select an infrastructure that had significant cyber and physical components. During the course, when they learned a model, they applied it to their infrastructure. Formal models included the HRU, Take-Grant, Bell-LaPadula, Biba, Non-interference, Non-inference, and Non-deducibility. The approach is described, results of the models, and student feedback are reported.

For the past three years, White Wolf Security has partnered with the CyberWATCH Center and the Community College of Baltimore County (CCBC) to design, conduct and score the Mid- Atlantic Regional Collegiate Cyber Defense Competition (CCDC). Over the course of those three engagements, the competition has grown in the number of teams, the size and diversity of infrastructure and the sophistication of the scoring process and visualization.